[gentoo-commits] repo/gentoo:master commit in: net-firewall/nftables/ - gentoo-commits

From:	Patrick McLean <chutzpah@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-firewall/nftables/
Date:	Mon, 23 Aug 2021 18:43:22
Message-Id:	`1629744194.60c5e586f621154da0c4fddbe741d4746ee65411.chutzpah@gentoo`

1

commit:     60c5e586f621154da0c4fddbe741d4746ee65411

2

Author:     Patrick McLean <chutzpah <AT> gentoo <DOT> org>

3

AuthorDate: Mon Aug 23 18:43:06 2021 +0000

4

Commit:     Patrick McLean <chutzpah <AT> gentoo <DOT> org>

5

CommitDate: Mon Aug 23 18:43:14 2021 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=60c5e586

7

8

net-firewall/nftables-1.0.0: Version bump

9

10

Package-Manager: Portage-3.0.22, Repoman-3.0.3

11

Signed-off-by: Patrick McLean <chutzpah <AT> gentoo.org>

12

13

 net-firewall/nftables/Manifest              |   1 +

14

 net-firewall/nftables/nftables-1.0.0.ebuild | 179 ++++++++++++++++++++++++++++

15

 2 files changed, 180 insertions(+)

16

17

diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest

18

index f3814d15688..8f09bc4eb7b 100644

19

--- a/net-firewall/nftables/Manifest

20

+++ b/net-firewall/nftables/Manifest

21

@@ -1,2 +1,3 @@

22

 DIST nftables-0.9.8.tar.bz2 879516 BLAKE2B 5063090d648668f4d5ae6d4be48ebecc65dfd4b525768e94a0d90ceebbee73874c916727be8de633550db71c612d698d88cf93575931362b48d954e6ac275143 SHA512 1c5709825c8b2c13cbed0310658959ecee164c930bc9e2447618a0894598138b9a549d20509c32a5c23ce99e40438df38f9e170cf656ce993d819f365490a180

23

 DIST nftables-0.9.9.tar.bz2 922624 BLAKE2B 8de2709576a26ca84a8d694f7cb06cad2bb2fb4671ba21ffc32c0d5997e8124ae7cd794dafddf4db48d8a49c280b48b07d2a31b6c18f6647fdb67cfe7f065b61 SHA512 dfdd3ffc0ffc1742ca0494a3f8fac1c7b2fe942849e60d33fc3cb8a51e27bd39e1ccfeda2195191377a32bb5363ea244f4c3e71b4a6d930f33bf87e17a534fab

24

+DIST nftables-1.0.0.tar.bz2 921053 BLAKE2B ee86a323170433c3ba62f80118947864aac0fe0aaeb48afeb5a116a48782185c83313ef1b5735c7749eb5eccb88f252b444d1ee908be25bdaa4d9c0b833c1dc2 SHA512 33460bef4ee76b7caa44fa5515357127ae84be468448cc838dd31919b6e045ba6195b761118d4c8a4219a9f008c4416542ce784f4daad94f3b44c0626bcdd014

25

26

diff --git a/net-firewall/nftables/nftables-1.0.0.ebuild b/net-firewall/nftables/nftables-1.0.0.ebuild

27

new file mode 100644

28

index 00000000000..376318f5382

29

--- /dev/null

30

+++ b/net-firewall/nftables/nftables-1.0.0.ebuild

31

@@ -0,0 +1,179 @@

32

+# Copyright 1999-2021 Gentoo Authors

33

+# Distributed under the terms of the GNU General Public License v2

34

+

35

+EAPI=7

36

+

37

+PYTHON_COMPAT=( python3_{7..10} )

38

+

39

+inherit autotools linux-info python-r1 systemd

40

+

41

+DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools"

42

+HOMEPAGE="https://netfilter.org/projects/nftables/"

43

+

44

+if [[ ${PV} =~ ^[9]{4,}$ ]]; then

45

+	inherit git-r3

46

+	EGIT_REPO_URI="https://git.netfilter.org/${PN}"

47

+

48

+	BDEPEND="

49

+		sys-devel/bison

50

+		sys-devel/flex

51

+	"

52

+else

53

+	SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2"

54

+	KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86"

55

+fi

56

+

57

+LICENSE="GPL-2"

58

+SLOT="0/1"

59

+IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs xtables"

60

+

61

+RDEPEND="

62

+	>=net-libs/libmnl-1.0.4:0=

63

+	>=net-libs/libnftnl-1.2.0:0=

64

+	gmp? ( dev-libs/gmp:0= )

65

+	json? ( dev-libs/jansson:= )

66

+	python? ( ${PYTHON_DEPS} )

67

+	readline? ( sys-libs/readline:0= )

68

+	xtables? ( >=net-firewall/iptables-1.6.1 )

69

+"

70

+

71

+DEPEND="${RDEPEND}"

72

+

73

+BDEPEND+="

74

+	doc? (

75

+		app-text/asciidoc

76

+		>=app-text/docbook2X-0.8.8-r4

77

+	)

78

+	virtual/pkgconfig

79

+"

80

+

81

+REQUIRED_USE="

82

+	python? ( ${PYTHON_REQUIRED_USE} )

83

+	libedit? ( !readline )

84

+"

85

+

86

+PATCHES=(

87

+	"${FILESDIR}/${PN}-0.9.8-slibtool.patch"

88

+)

89

+

90

+python_make() {

91

+	emake \

92

+		-C py \

93

+		abs_builddir="${S}" \

94

+		DESTDIR="${D}" \

95

+		PYTHON_BIN="${PYTHON}" \

96

+		"${@}"

97

+}

98

+

99

+pkg_setup() {

100

+	if kernel_is ge 3 13; then

101

+		if use modern-kernel && kernel_is lt 3 18; then

102

+			eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly."

103

+		fi

104

+		CONFIG_CHECK="~NF_TABLES"

105

+		linux-info_pkg_setup

106

+	else

107

+		eerror "This package requires kernel version 3.13 or newer to work properly."

108

+	fi

109

+}

110

+

111

+src_prepare() {

112

+	default

113

+

114

+	# fix installation path for doc stuff

115

+	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \

116

+		-i files/nftables/Makefile.am || die

117

+	sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \

118

+		-i files/osf/Makefile.am || die

119

+

120

+	eautoreconf

121

+}

122

+

123

+src_configure() {

124

+	local myeconfargs=(

125

+		# We handle python separately

126

+		--disable-python

127

+		--sbindir="${EPREFIX}"/sbin

128

+		$(use_enable debug)

129

+		$(use_enable doc man-doc)

130

+		$(use_with !gmp mini_gmp)

131

+		$(use_with json)

132

+		$(use_with libedit cli editline)

133

+		$(use_with readline cli readline)

134

+		$(use_enable static-libs static)

135

+		$(use_with xtables)

136

+	)

137

+	econf "${myeconfargs[@]}"

138

+}

139

+

140

+src_compile() {

141

+	default

142

+

143

+	if use python; then

144

+		python_foreach_impl python_make

145

+	fi

146

+}

147

+

148

+src_install() {

149

+	default

150

+

151

+	if ! use doc && [[ ! ${PV} =~ ^[9]{4,}$ ]]; then

152

+		pushd doc >/dev/null || die

153

+		doman *.?

154

+		popd >/dev/null || die

155

+	fi

156

+

157

+	local mksuffix="$(usex modern-kernel '-mk' '')"

158

+

159

+	exeinto /usr/libexec/${PN}

160

+	newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh

161

+	newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN}

162

+	newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN}

163

+	keepdir /var/lib/nftables

164

+

165

+	systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service

166

+

167

+	if use python ; then

168

+		python_foreach_impl python_make install

169

+		python_foreach_impl python_optimize

170

+	fi

171

+

172

+	find "${ED}" -type f -name "*.la" -delete || die

173

+}

174

+

175

+pkg_postinst() {

176

+	local save_file

177

+	save_file="${EROOT}/var/lib/nftables/rules-save"

178

+

179

+	# In order for the nftables-restore systemd service to start

180

+	# the save_file must exist.

181

+	if [[ ! -f "${save_file}" ]]; then

182

+		( umask 177; touch "${save_file}" )

183

+	elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then

184

+		ewarn "Your system has dangerous permissions for ${save_file}"

185

+		ewarn "It is probably affected by bug #691326."

186

+		ewarn "You may need to fix the permissions of the file. To do so,"

187

+		ewarn "you can run the command in the line below as root."

188

+		ewarn "    'chmod 600 \"${save_file}\"'"

189

+	fi

190

+

191

+	if has_version 'sys-apps/systemd'; then

192

+		elog "If you wish to enable the firewall rules on boot (on systemd) you"

193

+		elog "will need to enable the nftables-restore service."

194

+		elog "    'systemctl enable ${PN}-restore.service'"

195

+		elog

196

+		elog "If you are creating firewall rules before the next system restart"

197

+		elog "the nftables-restore service must be manually started in order to"

198

+		elog "save those rules on shutdown."

199

+	fi

200

+	if has_version 'sys-apps/openrc'; then

201

+		elog "If you wish to enable the firewall rules on boot (on openrc) you"

202

+		elog "will need to enable the nftables service."

203

+		elog "    'rc-update add ${PN} default'"

204

+		elog

205

+		elog "If you are creating or updating the firewall rules and wish to save"

206

+		elog "them to be loaded on the next restart, use the \"save\" functionality"

207

+		elog "in the init script."

208

+		elog "    'rc-service ${PN} save'"

209

+	fi

210

+}

1	commit: 60c5e586f621154da0c4fddbe741d4746ee65411
2	Author: Patrick McLean <chutzpah <AT> gentoo <DOT> org>
3	AuthorDate: Mon Aug 23 18:43:06 2021 +0000
4	Commit: Patrick McLean <chutzpah <AT> gentoo <DOT> org>
5	CommitDate: Mon Aug 23 18:43:14 2021 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=60c5e586
7
8	net-firewall/nftables-1.0.0: Version bump
9
10	Package-Manager: Portage-3.0.22, Repoman-3.0.3
11	Signed-off-by: Patrick McLean <chutzpah <AT> gentoo.org>
12
13	net-firewall/nftables/Manifest \| 1 +
14	net-firewall/nftables/nftables-1.0.0.ebuild \| 179 ++++++++++++++++++++++++++++
15	2 files changed, 180 insertions(+)
16
17	diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest
18	index f3814d15688..8f09bc4eb7b 100644
19	--- a/net-firewall/nftables/Manifest
20	+++ b/net-firewall/nftables/Manifest
21	@@ -1,2 +1,3 @@
22	DIST nftables-0.9.8.tar.bz2 879516 BLAKE2B 5063090d648668f4d5ae6d4be48ebecc65dfd4b525768e94a0d90ceebbee73874c916727be8de633550db71c612d698d88cf93575931362b48d954e6ac275143 SHA512 1c5709825c8b2c13cbed0310658959ecee164c930bc9e2447618a0894598138b9a549d20509c32a5c23ce99e40438df38f9e170cf656ce993d819f365490a180
23	DIST nftables-0.9.9.tar.bz2 922624 BLAKE2B 8de2709576a26ca84a8d694f7cb06cad2bb2fb4671ba21ffc32c0d5997e8124ae7cd794dafddf4db48d8a49c280b48b07d2a31b6c18f6647fdb67cfe7f065b61 SHA512 dfdd3ffc0ffc1742ca0494a3f8fac1c7b2fe942849e60d33fc3cb8a51e27bd39e1ccfeda2195191377a32bb5363ea244f4c3e71b4a6d930f33bf87e17a534fab
24	+DIST nftables-1.0.0.tar.bz2 921053 BLAKE2B ee86a323170433c3ba62f80118947864aac0fe0aaeb48afeb5a116a48782185c83313ef1b5735c7749eb5eccb88f252b444d1ee908be25bdaa4d9c0b833c1dc2 SHA512 33460bef4ee76b7caa44fa5515357127ae84be468448cc838dd31919b6e045ba6195b761118d4c8a4219a9f008c4416542ce784f4daad94f3b44c0626bcdd014
25
26	diff --git a/net-firewall/nftables/nftables-1.0.0.ebuild b/net-firewall/nftables/nftables-1.0.0.ebuild
27	new file mode 100644
28	index 00000000000..376318f5382
29	--- /dev/null
30	+++ b/net-firewall/nftables/nftables-1.0.0.ebuild
31	@@ -0,0 +1,179 @@
32	+# Copyright 1999-2021 Gentoo Authors
33	+# Distributed under the terms of the GNU General Public License v2
34	+
35	+EAPI=7
36	+
37	+PYTHON_COMPAT=( python3_{7..10} )
38	+
39	+inherit autotools linux-info python-r1 systemd
40	+
41	+DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools"
42	+HOMEPAGE="https://netfilter.org/projects/nftables/"
43	+
44	+if [[ ${PV} =~ ^[9]{4,}$ ]]; then
45	+ inherit git-r3
46	+ EGIT_REPO_URI="https://git.netfilter.org/${PN}"
47	+
48	+ BDEPEND="
49	+ sys-devel/bison
50	+ sys-devel/flex
51	+ "
52	+else
53	+ SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2"
54	+ KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86"
55	+fi
56	+
57	+LICENSE="GPL-2"
58	+SLOT="0/1"
59	+IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs xtables"
60	+
61	+RDEPEND="
62	+ >=net-libs/libmnl-1.0.4:0=
63	+ >=net-libs/libnftnl-1.2.0:0=
64	+ gmp? ( dev-libs/gmp:0= )
65	+ json? ( dev-libs/jansson:= )
66	+ python? ( ${PYTHON_DEPS} )
67	+ readline? ( sys-libs/readline:0= )
68	+ xtables? ( >=net-firewall/iptables-1.6.1 )
69	+"
70	+
71	+DEPEND="${RDEPEND}"
72	+
73	+BDEPEND+="
74	+ doc? (
75	+ app-text/asciidoc
76	+ >=app-text/docbook2X-0.8.8-r4
77	+ )
78	+ virtual/pkgconfig
79	+"
80	+
81	+REQUIRED_USE="
82	+ python? ( ${PYTHON_REQUIRED_USE} )
83	+ libedit? ( !readline )
84	+"
85	+
86	+PATCHES=(
87	+ "${FILESDIR}/${PN}-0.9.8-slibtool.patch"
88	+)
89	+
90	+python_make() {
91	+ emake \
92	+ -C py \
93	+ abs_builddir="${S}" \
94	+ DESTDIR="${D}" \
95	+ PYTHON_BIN="${PYTHON}" \
96	+ "${@}"
97	+}
98	+
99	+pkg_setup() {
100	+ if kernel_is ge 3 13; then
101	+ if use modern-kernel && kernel_is lt 3 18; then
102	+ eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly."
103	+ fi
104	+ CONFIG_CHECK="~NF_TABLES"
105	+ linux-info_pkg_setup
106	+ else
107	+ eerror "This package requires kernel version 3.13 or newer to work properly."
108	+ fi
109	+}
110	+
111	+src_prepare() {
112	+ default
113	+
114	+ # fix installation path for doc stuff
115	+ sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \
116	+ -i files/nftables/Makefile.am \|\| die
117	+ sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \
118	+ -i files/osf/Makefile.am \|\| die
119	+
120	+ eautoreconf
121	+}
122	+
123	+src_configure() {
124	+ local myeconfargs=(
125	+ # We handle python separately
126	+ --disable-python
127	+ --sbindir="${EPREFIX}"/sbin
128	+ $(use_enable debug)
129	+ $(use_enable doc man-doc)
130	+ $(use_with !gmp mini_gmp)
131	+ $(use_with json)
132	+ $(use_with libedit cli editline)
133	+ $(use_with readline cli readline)
134	+ $(use_enable static-libs static)
135	+ $(use_with xtables)
136	+ )
137	+ econf "${myeconfargs[@]}"
138	+}
139	+
140	+src_compile() {
141	+ default
142	+
143	+ if use python; then
144	+ python_foreach_impl python_make
145	+ fi
146	+}
147	+
148	+src_install() {
149	+ default
150	+
151	+ if ! use doc && [[ ! ${PV} =~ ^[9]{4,}$ ]]; then
152	+ pushd doc >/dev/null \|\| die
153	+ doman *.?
154	+ popd >/dev/null \|\| die
155	+ fi
156	+
157	+ local mksuffix="$(usex modern-kernel '-mk' '')"
158	+
159	+ exeinto /usr/libexec/${PN}
160	+ newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh
161	+ newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN}
162	+ newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN}
163	+ keepdir /var/lib/nftables
164	+
165	+ systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service
166	+
167	+ if use python ; then
168	+ python_foreach_impl python_make install
169	+ python_foreach_impl python_optimize
170	+ fi
171	+
172	+ find "${ED}" -type f -name "*.la" -delete \|\| die
173	+}
174	+
175	+pkg_postinst() {
176	+ local save_file
177	+ save_file="${EROOT}/var/lib/nftables/rules-save"
178	+
179	+ # In order for the nftables-restore systemd service to start
180	+ # the save_file must exist.
181	+ if [[ ! -f "${save_file}" ]]; then
182	+ ( umask 177; touch "${save_file}" )
183	+ elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then
184	+ ewarn "Your system has dangerous permissions for ${save_file}"
185	+ ewarn "It is probably affected by bug #691326."
186	+ ewarn "You may need to fix the permissions of the file. To do so,"
187	+ ewarn "you can run the command in the line below as root."
188	+ ewarn " 'chmod 600 \"${save_file}\"'"
189	+ fi
190	+
191	+ if has_version 'sys-apps/systemd'; then
192	+ elog "If you wish to enable the firewall rules on boot (on systemd) you"
193	+ elog "will need to enable the nftables-restore service."
194	+ elog " 'systemctl enable ${PN}-restore.service'"
195	+ elog
196	+ elog "If you are creating firewall rules before the next system restart"
197	+ elog "the nftables-restore service must be manually started in order to"
198	+ elog "save those rules on shutdown."
199	+ fi
200	+ if has_version 'sys-apps/openrc'; then
201	+ elog "If you wish to enable the firewall rules on boot (on openrc) you"
202	+ elog "will need to enable the nftables service."
203	+ elog " 'rc-update add ${PN} default'"
204	+ elog
205	+ elog "If you are creating or updating the firewall rules and wish to save"
206	+ elog "them to be loaded on the next restart, use the \"save\" functionality"
207	+ elog "in the init script."
208	+ elog " 'rc-service ${PN} save'"
209	+ fi
210	+}

Gentoo Archives: gentoo-commits